> Our requirements are functionally-equivalent to a copy of passwords.xlsx on a network share.
Really?!
That's the least secure option I can think about, including LastPass. No encryption whatsoever, and the whole setup relies on no one ever making copies or otherwise getting unauthorized access to the file. Audits could be tricky, too - Excel may save some temporary copies of this file somewhere (like in %TEMP%) without anyone realizing.
This stuff isn't rocket science (pass is a simple shell script, after all), but your comment sounds quite concerning. I mean, I know banks are notoriously backwards when it comes to technologies and information security, but this is just... wrong.
Really?!
That's the least secure option I can think about, including LastPass. No encryption whatsoever, and the whole setup relies on no one ever making copies or otherwise getting unauthorized access to the file. Audits could be tricky, too - Excel may save some temporary copies of this file somewhere (like in %TEMP%) without anyone realizing.
This stuff isn't rocket science (pass is a simple shell script, after all), but your comment sounds quite concerning. I mean, I know banks are notoriously backwards when it comes to technologies and information security, but this is just... wrong.